TRENDING
“
PRE-COVID-19 , CYBERCRIMINALS WERE SUCCESSFULLY USING TRIED AND TESTED METHODS TO OBTAIN DATA . IT GOES WITHOUT SAYING THAT IF THESE TACTICS WORKED IN A STABLE BUSINESS ENVIRONMENT , THEY HAVE BEEN WORKING EVEN BETTER IN AN ERA OF UNPRECEDENTED DISRUPTION .
We have combined this data with our own team ’ s observations drawn from our collective years of experience to ascertain the cybertrends that have most impacted businesses during this time .
Focusing on the tried and tested amid the confusion
Pre-COVID-19 , cybercriminals were successfully using tried and tested methods to obtain data . It goes without saying that if these tactics worked in a stable business environment , they have been working even better in an era of unprecedented disruption .
Criminals are ultimately lazy in their approaches and , faced with a larger attack surface than usual during the pandemic , there has been no need to invent new attack strategies to achieve their goals .
Based on our observations , we have seen the use of these common threat actors increase :
• Continued increase in error : Human error is often seen as a major cause of security incidents – in fact , we reported that nearly a quarter of the breaches analysed in our 2020 DBIR were due to this . Faced with major disruption , increased workloads as a result of decreased workforces and of course , for many , the distraction of in-house family members and home-schooling , there is no wonder that more errors have been reported during the pandemic .
• Focus on stolen credential-related hacking : Our 2020 DBIR flagged that over 80 % of breaches were caused by stolen or brute-forced credentials .
This has now been exacerbated by the large number of employees working from home requiring ongoing remote access and workstation maintenance .
Business IT departments are being challenged to secure company assets on the corporate network while the majority of the workforce is out of the office .
This has widened the number of remote targets for cybercriminals to target .
• Use of ransomware is spiking : We saw that several incidents reviewed within the COVID-19 dataset involved the use of ransomware . These involved the copying and posting of data ( either partially or entirely ) publicly online . Of the nine malware incidents in the COVID-19 dataset , seven were confirmed breaches , demonstrating a spike in ransomware usage .
• Phishing emails play on emotions : Phishing has always been a popular cybercrime tactic . Prior to COVID-19 , we flagged that credential theft and social attacks such as phishing and business email compromises were at
26 INTELLIGENTCIO www . intelligentcio . com